Privacy Policy

Privacy & Cookies Policy

Effective Date: May 24, 2018

INAGORA Co., Ltd. (“we,” “us,” or “our”) operates the https://www.onemall.jp/ website (the “Services”).

This Privacy & Cookies Policy (“Policy”) explains the types of information we collect about you, whether provided directly by you, through third parties, or automatically when you use our website and associated services (collectively, our “Services”). 

We use your data to enhance and improve our Services. By accessing our Services, you agree to the collection and use of your information as outlined in this Policy.

Definitions

Services

Refers to the https://www.onemall.jp/ website and related services operated by INAGORA Co., Ltd.

Personal Data

Information about an identifiable individual (directly or indirectly) from that data alone or in combination with other information we may hold.

Usage Data

Data collected automatically, such as information about how the Services are accessed and used (e.g., the length of time spent on a page).

Cookies  

Small data files are stored on your device (computer or mobile) to help enhance your browsing experience.

Data Controller  

The person or organization that determines the purposes and methods for processing personal data. For this Policy, we are the Data Controller of your Personal Data. 

Data Processors (or Service Providers)  

Any person or entity that processes data on behalf of the Data Controller. We work with various Service Providers to facilitate data processing.

Data Subject (or User)  

Any individual who uses our Services and whose Personal Data is subject to processing.

Compliance with Laws and Guidelines on Personal Information Handling

We handle personal information in strict adherence to applicable laws, legal guidelines, and any responsibilities as defined by the relevant administrative agencies. We also comply with internal policies and the standards outlined in our Terms and Conditions. Our aim is to protect and responsibly manage Client personal information in accordance with the requirements of the following overseeing bodies and regulations:

Relevant Laws and Regulations

Contents

  • Personal information protection policy
  • Laws and guidelines pertaining to the protection of personal information

Overseeing Body, Office, or Authority

  • Personal Information Protection Commission (PPC)

Internal Policies

Contents

  • Information storage and confidentiality
  • Policies pertaining to Cookies
  • Regulations for permanent employee
  • Regulations for contracted employees
  • Regulations for part-time employees
  • Recruitment Manual
  • Rules pertaining to remote-work
  • Miscellaneous operations manuals

Overseeing Body, Office, or Authority

  • Risk Management Team
  • General Affairs Department
  • Overseeing Department(s)

Data Collection

We collect various types of information to enhance and improve our Services for you, each serving distinct purposes to meet your needs and expectations.

Types of Data Collected

1. Personal Data

To provide and improve our Service, we may request certain personally identifiable information that can be used to contact or identify you (“Personal Data”). This may include but is not limited to:

  • Email address
  • First and last name
  • Residential Address, including State, Province, ZIP/Postal Code, and City
  • Billing Address, including State, Province, ZIP/Postal Code, and City
  • Cookies and Usage Data
  • IP addresses and geolocation data

Social Logins

INAGORA Co., Ltd. also enables Users to log in via social accounts such as Facebook,TikTok and Google. When you log in using a social media profile, certain information, such as your name, email address, social profile URLs, and profile photos, will be shared with us.

2. Usage Data

We may collect information on how the Service is accessed and used (“Usage Data”). This includes details like your IP address, browser type, and version, the pages you visit on our Service, the time and date of your visit, time spent on those pages, unique device identifiers, and diagnostic data.

3. Tracking & Cookies Data

We use cookies and similar tracking technologies to monitor activity on our Services and store specific information. Cookies are small files, which may include an anonymous unique identifier, sent to your browser and stored on your device. Tracking technologies, including beacons, tags, and scripts, also help us gather information and improve our Service.

  • Session Cookies: For the operation of our Services.
  • Preference Cookies: To remember your settings and preferences.
  • Security Cookies: For login information protection and fraud prevention.

You may configure your browser to refuse all cookies or notify you when a cookie is sent; however, disabling cookies may limit your ability to use certain portions of our Services.

How We Use Your Data

INAGORA Co., Ltd. uses collected data for the following purposes:

  • To provide and maintain our Services
  • To inform you of any updates or changes to our Services
  • To enable participation in interactive features of our Services at your request
  • To offer customer support
  • To analyze data and gather insights to enhance our Services
  • To monitor usage and detect, prevent, and address technical issues
  • To detect and prevent fraudulent activities
  • To share news, special offers, and general information about related products, services, or events unless you have opted out
  • We may also use your Personal Data to contact you via newsletters, marketing materials, and promotional information. You can opt-out at any time by following the unsubscribe link in our emails or by contacting us directly.

Legal Basis for Processing Personal Data Under the General Data Protection Regulation (GDPR)

If you are located within the European Economic Area (EEA), INAGORA Co., Ltd.’s legal basis for collecting and processing your Personal Data, as outlined in this Privacy Policy, depends on both the data in question and the context of its collection. We may process your Personal Data under one of the following bases:

  • To perform a contract with you
  • To deliver the Services and goods you have ordered
  • With your consent
  • To pursue our legitimate interests, provided that these are not overridden by your rights
  • For processing payments
  • To comply with Japanese and international legal obligations

Data Retention

INAGORA Co., Ltd. will retain your Personal Data only as long as necessary to fulfill the purposes described in this Privacy Policy. We may retain and use your data as required to comply with our legal obligations (e.g., under Japanese tax law), resolve disputes, and enforce agreements and policies.

Usage Data is generally retained for a shorter period, except where it is needed to improve Service functionality or security, or where legal requirements dictate longer retention.

Data Transfer

Your information, including Personal Data, may be stored and processed on computers located outside your jurisdiction, where data protection laws may differ. If you are outside Japan and submit information to us, note that data is transferred to and processed in Japan. By using our Service and submitting information, you consent to this transfer.

INAGORA Co., Ltd. ensures that your data is securely handled according to this Privacy Policy, and transfers will only occur to jurisdictions or organizations with adequate data security measures in place. 

Consignment of Personal Data

To provide optimal service, personal data may occasionally be entrusted to partner companies that assist with our Services. Only the minimum necessary data is shared, and consignment occurs only after verifying that the partner’s privacy policy meets or exceeds our standards.

Sharing of Personal Data

We will not share your Personal Data with third parties unless:

  • You have given explicit consent
  • Sharing is essential for fulfilling your intended use of the Services
  • Required by law
  • Necessary to protect the life, wellbeing, or property of any individual, particularly if consent cannot be confirmed
  • Needed for public welfare or the protection of minors, especially when permission cannot be confirmed
  • Required for legally mandated duties from government or public organizations where obtaining consent may impede those duties
  • Authorized or jointly used by recognized third parties

Disclosure of Data

Disclosure for Law Enforcement

In certain situations, INAGORA Co., Ltd. may disclose your Personal Data in response to legal obligations or valid requests from public authorities (e.g., court orders or government agencies).
INAGORA Co., Ltd. may disclose your Personal Data in good faith if it is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of INAGORA Co., Ltd.
  • Investigate and prevent potential fraud or other prohibited activities
  • Protect the personal safety of users or the public
  • Defend against potential legal liability

Procedures for Disclosure of Saved Personal Data

We promptly address requests from Clients regarding any saved personal data, including requests for usage reports, data disclosure, modifications, deletions, suspension of use, and details of data shared with third parties. Upon verifying the identity of the applicant or their authorized representative, we will fulfill such requests within a reasonable timeframe.

For requests related to saved personal data, please contact our office listed below. Upon receiving a request, we will provide a “Saved Personal Data Disclosure Request Form” by mail, fax, or email. Kindly complete and return this form, along with any required documents. (Postage and other associated costs are the applicant’s responsibility.)

Once the applicant’s identity (or that of their legal representative) is confirmed, we will provide the requested data via the applicant’s preferred communication method.

We have implemented robust organizational, physical, and technical measures to prevent leakage, loss, or damage to Clients’ personal data and ensure secure data management.

For further information regarding our data security measures, please contact our Personal Data Inquiries Department.

Company Name: INAGORA Co., Ltd.
Address: 1-1-7 Sakuragicho, Naka-ku, Yokohama, Kanagawa, Japan

Security of Data

INAGORA Co., Ltd. employs technical and organizational security measures to safeguard the personal information of our Website users against unauthorized access, disclosure, alteration, and destruction. However, please be aware that no method of transmission over the Internet or electronic storage is completely secure. While we take commercially reasonable measures to protect your Personal Data, absolute security cannot be guaranteed. We advise you to take precautions when sharing personal information online and use internet security measures, such as firewalls and secure email.

Sensitive data exchanged between INAGORA Co., Ltd. and Users is protected via SSL encryption and digital signatures.

In the event of an unauthorized security breach affecting your data, we will notify you promptly and provide a summary of the actions taken in response.

“Do Not Track” Signals

INAGORA Co., Ltd. does not respond to “Do Not Track” (DNT) signals. DNT is a setting in some web browsers to inform websites that you do not wish to be tracked. You can enable or disable DNT through your browser’s Preferences or Settings.

Your Data Protection Rights Under the General Data Protection Regulation (GDPR)

If you reside in the European Economic Area (EEA), you are entitled to specific data protection rights. INAGORA Co., Ltd. is committed to assisting you with accessing, updating, amending, deleting, or limiting your Personal Data.

If you wish to review the Personal Data we have on file or request its removal, please contact us. Under certain conditions, you have the following rights:

  • Right of Access, Update, or Deletion: Where possible, you can access, update, or request the deletion of your data directly in your account settings. For assistance, please contact us.
  • Right of Rectification: You have the right to request correction of any inaccurate or incomplete information we hold about you.
  • Right to Object: You may object to the processing of your Personal Data.
  • Right of Restriction: You may request the restriction of the processing of your Personal Data.
  • Right to Data Portability: You are entitled to a copy of your data in a structured, machine-readable format.
  • Right to Withdraw Consent: You may withdraw your consent to process your Personal Data at any time, where we rely on your consent for processing.

We may ask you to verify your identity before responding to these requests.

If you are dissatisfied with our data collection or use, you have the right to lodge a complaint with your local data protection authority within the EEA.

Service Providers

To ensure the effective delivery and analysis of our Services, we may work with third-party companies and individuals (“Service Providers”) to assist us. These Service Providers have access to your Personal Data solely for performing specific tasks on our behalf and are contractually obligated to keep your data confidential and to use it only for the services they provide.

Analytics

We may use third-party analytics providers to help monitor and analyze the usage of our Services.

Google Analytics

Google Analytics is a web analytics tool from Google that helps us track and report website traffic. Google uses the data collected to monitor our Services’ usage patterns and may share this information within its network to enhance its own advertising efforts.

You may opt out of Google Analytics by installing the Google Analytics opt-out browser add-on, which prevents Google Analytics from collecting information about your website activity.

For more details on Google’s privacy practices, please see their Privacy & Terms page: Google Privacy & Terms.

Behavioral Remarketing

INAGORA Co., Ltd. uses remarketing services to reach out to you on third-party websites based on your prior visits to our website. Our third-party vendors use cookies to inform, optimize, and deliver ads based on these visits.

Google Ads

Our Google Ads remarketing services are provided by Google Inc. You can adjust your Google Display Network ad settings or opt out of Google Analytics for Display Advertising by visiting Google Ads Settings. Additionally, installing the Google Analytics Opt-out Browser Add-on will prevent Google Analytics from gathering your data.

For more information on Google’s data practices, please see the Google Privacy & Terms page.

Facebook Remarketing

INAGORA Co., Ltd. utilizes Facebook’s remarketing services, provided by Facebook Inc., to deliver ads based on your previous interactions with our site. To learn more about Facebook’s interest-based advertising, visit their Help Page. You can opt-out by following Facebook’s instructions here.

Facebook complies with the Self-Regulatory Principles for Online Behavioral Advertising set by the Digital Advertising Alliance. Additionally, you can opt-out from interest-based ads by using the Digital Advertising Alliance’s resources:

For more details on Facebook’s privacy practices, please see their Data Policy.

Payments

For our paid products and services, we work with third-party payment processors to handle payments securely. We do not store payment card details; they are handled directly by our payment providers, following PCI-DSS standards for data protection.

The payment processors we use include:

Data Storage

To securely manage and store our data, we use third-party services, specifically Alibaba Cloud.Alibaba Cloud provides data protection in accordance with their privacy policy, which can be reviewed here.

Links to Other Sites

Our Services may contain links to third-party websites, which are not operated by INAGORA Co., Ltd. We recommend reviewing the Privacy Policy of any external site you visit, as we have no control over and are not responsible for the privacy practices, policies, or content of third-party sites.

Children’s Privacy

Our Services are not intended for anyone under 18 (“Children”). We do not knowingly collect personal data from children. If you become aware that your child has provided us with personal data, please contact us. Upon becoming aware of such instances, we will take steps to remove the information from our servers.

Changes to This Privacy Policy

We reserve the right to modify our Privacy Policy as needed. Updates will be posted on this page, with the effective date updated at the top. If significant changes are made, we will notify users via email and/or a prominent notice on our website before they take effect. We encourage periodic reviews of this policy to stay informed about any changes.

Contact Us

If you have questions about this Privacy Policy, you can contact us:

  • Company Name: INAGORA Co., Ltd.
  • Address: Naka-ku Sakuragicho 1-chome 1-7, Yokohama, Kanagawa, Japan

General Policies Regarding Information Security

INAGORA Co., Ltd. complies with ISO27001 standards to ensure information security. We aim to earn and maintain the trust of our clients and partners across cross-border eCommerce, export, shopping platform services, marketing, and consulting by upholding high standards of information security.

Action Plan

  • We implement both organizational and technical measures to safeguard the confidentiality, safety, and accessibility of information.
  • Employees receive ongoing training on information security policies.
  • We continuously review and improve our information security management systems and goals.
  • Specific roles are designated to oversee the security measures and their improvement.

Handling of Personal Information in Membership Registration

  1. Business Name: INAGORA Co., Ltd.
  2. Personal Information Protection Contact
    • Company Name: INAGORA Co., Ltd.
    • Address: Kanagawa, Yokohama, Naka-ku Sakuragicho 1-chome 1-7 
  3. Purpose of Use
    • Fulfilling orders and processing transactions.
    • Authentication for registered members.
    • Sending relevant information, including newsletters.
  4. Sharing of Information
    • Personal data will not be shared with third parties unless required by law.
  5. Consignment
    • We may delegate some personal information handling tasks to third parties with robust data protection practices.
  6. Consequences of Withholding Information
    • Providing personal information is voluntary; however, not doing so may limit our ability to offer certain services.
  7. Disclosure Requests
    • Upon request, we will provide or amend personal data, correct inaccuracies, or cease sharing information with third parties as required.
  8. Data Collection via Cookies
    • We use cookies, web beacons, and similar technologies to collect information in ways that may not be immediately visible to users. For more details, refer to our Privacy & Cookies Policy.
  9. Security Control Measures
    • Necessary steps are taken to prevent unauthorized access, data loss, and other security risks.
  10. Personal Information Protection Policy
    • For more details, please review our Privacy & Cookies Policy on our website.

Handling of Personal Information in Inquiries

  1. Business Name: INAGORA Co., Ltd.
  2. Personal Information Protection Contact
    • Company Name: INAGORA Co., Ltd.
    • Address: Naka-ku Sakuragicho 1-chome 1-7, Yokohama, Kanagawa, Japan
  3. Purpose of Use: To respond to client inquiries.
  4. Sharing of Information: Personal information obtained will not be shared with third parties unless legally required.
  5. Consignment: We may delegate tasks involving personal information handling to third parties with robust privacy protection practices.
  6. Consequence of Withholding Information: Providing personal information is voluntary; however, without it, we may be unable to respond to the inquiry.
  7. Disclosure Requests: At the client’s request, we can disclose, correct, delete, or suspend the use of personal data. Please see our “Contact for Complaints, Consultations, etc.” for inquiry details.
  8. Data Collection via Cookies: We use cookies, web beacons, and similar means to collect information that may not be immediately apparent to users. See our Privacy & Cookies Policy for details.
  9. Security Measures: We take necessary steps to prevent unauthorized access, data loss, or damage. Collected personal information will be deleted following the resolution of the inquiry.
  10. Personal Information Protection Policy: Refer to the “Privacy & Cookies Policy” page on our website.

Personal Information Protection Policy

INAGORA Co., Ltd. respects the privacy of clients involved in purchasing agency, cross-border eCommerce, shopping platform services, marketing, and consulting. We adhere to laws and internal regulations for data protection, fostering an organizational structure committed to respecting and protecting personal information.

  • Acquisition and Use: Personal information is acquired, used, and provided fairly and only for specified purposes within our business scope. We ensure data is not used outside these specified purposes.
  • Compliance: We comply with relevant laws, guidelines, norms, and social standards to safeguard personal information.
  • Data Management: Aware of risks such as unauthorized access and data leaks, we implement security measures and corrective actions when necessary.
  • Client Inquiries: We respond appropriately to inquiries about data use, correction, suspension, or complaints.
  • Continuous Improvement: Our data protection management system is regularly reviewed and enforced across our organization for ongoing improvement.

Effective Dates

  • Enacted: 21st February, 2022
  • Revised: 13th July, 2022; 1st December, 2022

CEO: WENG YONGBIAO, INAGORA Co., Ltd.